Advisor | Cybersecurity Advisor | FactSet | Careers | Job | Alert | Latest Jobs 2022
About Company
FactSet is a strong information system that aggregates hundreds of datasets. Business analysts, portfolio managers, investment bankers / management firms, and other financial professionals can use it to study companies, portfolios, markets, and economies because it is a one-stop shop for financial data and analytics. FactSet, headquartered in Norwalk, Connecticut, was founded in 1978 and now employs almost 10,000 people in 64 sites across the world. It has annual revenues of over $1.1 billion.
Our operations are spread across North America, Europe, and the Pacific Rim. The Company has been publicly traded on the New York Stock Exchange under the symbol FDS since 1996, and it is also dual-listed on the NASDAQ under the same symbol. It provides comprehensive financial and economic information to the investment management and banking industries.
The spirit of going above and beyond for our clients and each other unites us. We want to cultivate a globally inclusive culture that allows our employees to be themselves at work and to participate, be heard, contribute, and grow. We are always looking for people with different ideas, backgrounds, and experiences to join our team.
We understand that our best ideas can come from anybody, anywhere, at any time, and that they can assist us in providing the best solutions for our clients all over the world. FactSet is a great place to work because of our inclusive work environment, which maximises our diverse values, engagement, and productivity.
Job Description
FactSet is looking for a Cybersecurity Advisor to join their global Security team with experience in vulnerability management, development, and remediation. Vulnerability management, penetration testing, and, most importantly, system remediation are all skills that the ideal applicant will possess.
To promote comprehensive change inside FactSet centred on remediation, you will coordinate efforts with outstanding employees in Network Engineering, Systems Engineering, Client Services, and the Security Team. Because the job requires extensive direct engagement with internal clients and stakeholders, a well-organized person with project management abilities, perseverance, effective communication, and interpersonal skills is required.
Responsibilities
- Focused on managing remediation efforts of potential risks, threats, vulnerabilities and exploits in systems and applications
- Support the creation of applicable remediation strategies
- Support the automation of security testing and more efficient discovery, tracking, and resolution of security vulnerabilities
- Support the writing and creation of vulnerability database queries and the presentation of vulnerability data in dashboarding technologies
- Educate employees on applying updates and configuration best practices
- The Cybersecurity Advisor will be responsible for completing the following tasks:
- Analyze and prioritize risk assessments and security testing as part of the Risk Management Framework (RMF) Assessment and Authorization (A&A) Process.
- Develop, document, and implement process changes that lead to improved efficiency and depth of assessments.
- Demonstrated ability to conduct root cause analysis when identifying problems.
- Proactively monitoring the security, capacity and availability of an enterprise network.
- Assessing security controls in accordance to security standards, frameworks, laws and policies.
- Ability to interpret policies, procedures, standards, guidelines, and regulations to include National Institute of Standards and Technology (NIST) and Federal Information Security Management Act (FISMA).
- Collect, track, and manage security artifacts and documentation.
- Reporting, including but not limited to:
- Draft, track and update technical reports
- Creation and maintenance of reporting dashboards to assist teams and leadership
- Organize, analyze and develop detailed asset state and vulnerability reports
The Cybersecurity Advisor in this position will spend 50% of their time providing vulnerability tracking and reporting. In this role you are expected to:
- Analyzing vulnerability scans at the network, operating system, database, and application levels on both internal and external systems within FactSet’s enterprise
- Coordinating with the applicable infrastructure teams to ensure remediation activities are tested, planned and implemented efficiently
- Generate reports so system owners know what and how to mitigate findings
- Create tickets to report (notify) and track mitigation
- Identify and prove false positive findings; document and create exclusions in the vulnerability scanner
- Resolve tickets after findings have been mitigated
- Assist engineers with remediation recommendations needed to resolve identified vulnerabilities
- Assist in the implementation of security tools to security and development environments
- The Cybersecurity Advisor in this position will spend 40% of their time providing development and maintenance support of an internal, enhanced vulnerability database. In this role you are expected to:
- Architect scalable data analysis for assisting and influence engineers with remediation recommendations
- Design compelling and scalable reporting using the vulnerability information from the vulnerability management platform
- Design impactful tools for efficient triaging and resolving tickets
- Analyze the vulnerability findings along with asset information to create impactful decisions and reporting for senior leadership.
The Cybersecurity Advisor in this position will spend 10% of their time focused on process improvement initiatives. In this role you are expected to:
- Identify situations where our program is not functioning as expected, EX: failed credentials
- Collaborate with team members to create/improve automation scripts using the vulnerability management platform
- Improve the report process through various means like data exportation or via dashboards
- Assist with the creation and maintenance of internal tools/scripts for security
- Facilitate educational opportunities for patching and configuration practices
- Continuously consider ways to improve the vulnerability management program and our processes
- Look for ways to streamline or improve the jobs of other teams at FactSet
Eligibilities
- 4+ years of relevant Security Engineering/Analysis with a focus on Vulnerability Management, Penetration Testing or Security Assurance
- Bachelors or Masters in Computer Science/Engineering/Security or related field
- Detail-oriented and quality-driven with excellent communication and inter-personal skills
- Extensive experience in systems administration and system hardening
- Experience with Systems Management Software Products for Windows and Linux
- Knowledge of common operating system and software vulnerabilities, such as the Bluekeep, Spectre, WannaCry, Heartbleed, etc.
- Strong understanding of network topology
- Experience in security testing for cloud services (AWS, Azure) is a plus
- Experience with Data Visualization tools is a plus
- Experience with scripting/query languages such as SQL and Python is a plus
- Understanding of vulnerability scanning tools Nexpose or Nessus
- Relevant industry training and/or certification is a plus: CSSLP, CISSP, CEH, GPEN, CCNP
- Able to deliver quality results in a high-energy/high-pressure environment
- Ability to multi-task and manage demands of many projects, issues, and tasks
- Ability to perform duties with minimal supervision
Tools and Capabilities:
- Nexpose, Nessus, nmap, Metasploit
- WSUS, SCCM, ksplice, yum
- MySQL, MSSQL, NoSQL
- Perl, Python, Shell Script or PHP
- Cloud Platforms (AWS, Azure)
Аррly Link is given belоw jоin us fоr Reсent Uрdаte